guloader | 2a6bc2d4b52a48b0653f02917d5f136d2a9767a198b13b4d4e5f9c0e66fc0546 | Triage

Sharing

General

Target

2a6bc2d4b52a48b0653f02917d5f136d2a9767a198b13b4d4e5f9c0e66fc0546
Size

104KB
Sample

230129-srwtqade8w
MD5

15ac7fbcd8374c0b164559f9ee0cad0c
SHA1

195dfdc83e8564069b3d66242530a2a6123e5ee6
SHA256

2a6bc2d4b52a48b0653f02917d5f136d2a9767a198b13b4d4e5f9c0e66fc0546
SHA512

f4543b0005cd07aaa5f1baaeabee9fe9a3f7390d878456cb502abbfc6d861ea51171c03e9692c285a9b35872a2641c98eba40677c91e56c940da8d545ec18910
SSDEEP

768:PxinMzXTb/YGY3TtBKLg66gSB6jh2Q1kwFby4iLRKIrR1bBe4T8vpIQR1nJhgfie:8MTPYGUXTHGG3le44R7RJJhiow

Score

10^/10

guloader downloader guloader

Malware Config

Extracted

Family

guloader

C2

https://probeleza.com.br/hn/janomo_FzoNlNqty180.bin

xor.base64

Targets

- Target
  
  2a6bc2d4b52a48b0653f02917d5f136d2a9767a198b13b4d4e5f9c0e66fc0546
- Size
  
  104KB
- MD5
  
  15ac7fbcd8374c0b164559f9ee0cad0c
- SHA1
  
  195dfdc83e8564069b3d66242530a2a6123e5ee6
- SHA256
  
  2a6bc2d4b52a48b0653f02917d5f136d2a9767a198b13b4d4e5f9c0e66fc0546
- SHA512
  
  f4543b0005cd07aaa5f1baaeabee9fe9a3f7390d878456cb502abbfc6d861ea51171c03e9692c285a9b35872a2641c98eba40677c91e56c940da8d545ec18910
- SSDEEP
  
  768:PxinMzXTb/YGY3TtBKLg66gSB6jh2Q1kwFby4iLRKIrR1bBe4T8vpIQR1nJhgfie:8MTPYGUXTHGG3le44R7RJJhiow
Score

10^/10

guloader downloader guloader
- Guloader,Cloudeye
  A shellcode based downloader first seen in 2020.
  downloader guloader
- Guloader payload
  guloader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

guloaderdownloaderguloader

behavioral2

guloaderdownloaderguloader